Paramètres d'affichage

Choisissez un thème pour personnaliser l'apparence du site.

https://transport.data.gouv.fr

Faciliter l'accès à l’information voyageur pour tous, partout en France, grâce à l’ouverture des données.
Copie d'écran de https://transport.data.gouv.fr

Nmap

Scan Summary :

B

severityservicevulnerability

info

http (port:80)

info

tcpwrapped (port:179)

info

https (port:443)

info

socks (port:1080)

info

pvuniwien (port:1081)

info

ppp (port:3000)

info

ssh (port:5002)

info

amqp (port:5800)

info

unknown (port:5962)

info

tcpwrapped (port:9999)
Consulter le rapport détaillé

Mozilla HTTP observatoryenviron 1 heure

Scan Summary :

D+

ImpactDescriptionDocumentation

-20

Doc Content Security Policy. L'extension github.com/april/laboratory permet de générer la CSP pour votre application.

-20

OWASP Session Management Cheat Sheet.

-20

Doc header Strict-Transport-Security (HSTS).

Rapport détaillé

SSL

Scan Summary :

A


Grade capped to A. HSTS is not offered


Expiration : 19/04/2024

Rapport détaillé

Scan OWASPenviron 1 heure

riskname

High (High)

PII Disclosure

Medium (High)

CSP: Wildcard Directive

Medium (High)

CSP: script-src unsafe-eval

Medium (High)

CSP: script-src unsafe-inline

Medium (High)

Content Security Policy (CSP) Header Not Set

Medium (High)

Sub Resource Integrity Attribute Missing

Medium (Medium)

Application Error Disclosure

Medium (Medium)

Missing Anti-clickjacking Header

Medium (Low)

Absence of Anti-CSRF Tokens

Low (High)

CSP: Notices

Low (High)

Strict-Transport-Security Header Not Set

Low (Medium)

Application Error Disclosure

Low (Medium)

Cookie Without Secure Flag

Low (Medium)

Cross-Domain JavaScript Source File Inclusion

Low (Medium)

Permissions Policy Header Not Set

Low (Medium)

X-Content-Type-Options Header Missing

Low (Low)

Dangerous JS Functions

Low (Low)

Timestamp Disclosure - Unix

Informational (High)

Sec-Fetch-Dest Header is Missing

Informational (High)

Sec-Fetch-Mode Header is Missing

Informational (High)

Sec-Fetch-Site Header is Missing

Informational (High)

Sec-Fetch-User Header is Missing

Informational (Medium)

Base64 Disclosure

Informational (Medium)

Information Disclosure - Sensitive Information in URL

Informational (Medium)

Modern Web Application

Informational (Medium)

Non-Storable Content

Informational (Medium)

Session Management Response Identified

Informational (Low)

Information Disclosure - Suspicious Comments

Informational (Low)

Re-examine Cache-control Directives

Informational (Low)

User Controllable HTML Element Attribute (Potential XSS)

Rapport détaillé

Nucleienviron 1 heure

SéveritéNameMatcher

info

DNS DMARC - Detectdmarc-detect

info

CAA Recordcaa-fingerprint

info

NS Record Detectionnameserver-fingerprint

info

DNS TXT Record Detectedtxt-fingerprint

info

MX Record Detectionmx-fingerprint

info

Wappalyzer Technology Detectionmailchimp

info

HTTP Missing Security Headerscross-origin-opener-policy

info

HTTP Missing Security Headerscross-origin-resource-policy

info

HTTP Missing Security Headerspermissions-policy

info

HTTP Missing Security Headersx-frame-options

info

HTTP Missing Security Headersreferrer-policy

info

HTTP Missing Security Headersx-permitted-cross-domain-policies

info

HTTP Missing Security Headersclear-site-data

info

HTTP Missing Security Headerscross-origin-embedder-policy

info

HTTP Missing Security Headersstrict-transport-security

info

HTTP Missing Security Headerscontent-security-policy

info

HTTP Missing Security Headersx-content-type-options

info

TLS Version - Detecttls-version

info

TLS Version - Detecttls-version

info

Detect SSL Certificate Issuerssl-issuer

info

SSL DNS Namesssl-dns-names